patch: stub implementation of XMLHttpRequest
Dirk Mueller
mueller at kde.org
Wed Feb 25 02:16:22 CET 2004
On Tuesday 24 February 2004 23:21, Maciej Stachowiak wrote:
> "www.kde.org" to "kde.org". So perhaps it's not that much of a risk,
> but yes, it will affect XMLHttpRequest just like it affects XSS.
euhm.. now you're implying that it is actually applied to XMLHttpRequest. The
current implementation in Safari, however does not do that. Its a completely
separate and incompatible check to the XSS one.
So can I interpret from that that you changed the XSS check implementation?
> > (get, put, head etc) and the url.
> Nope, no such thing. You can put anything in the headers or body.
Sure, but thats not a secure implementation.
More information about the Khtml-devel
mailing list